Chief Information Security Officer
Campbell, CA, USA
With electric vehicles (EVs) expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint is at the center of this revolution, powering one of the world’s leading EV charging networks and a comprehensive set of hardware, software and mobile solutions for nearly every charging need. We bring together drivers, businesses, automakers, policymakers, utilities and other stakeholders to make e-mobility a global reality.
Since our founding in 2007, ChargePoint has focused solely on EV charging and established a business model that's been validated by more than a decade in business and thousands of customers. As we near a public listing milestone that will broaden our market leadership and build on years of innovation, ChargePoint offers a once-in-a-lifetime chance to build our all-electric future and dominate a trillion-dollar market.
Join the team that is building the EV charging industry and make your mark on how people and goods will get everywhere they need to go, in any context, for generations to come.
What You Will Be Doing
We are looking for a capable leader who has a career of security work and possesses both deep and wide expertise in the security space. Our software platforms range from embedded systems to cloud to mobile apps. This individual will oversee ChargePoint information security strategy, policy, standards and architecture to provide security assurance for our customers and our technology. The CISO will be a key pillar to build trust between our customers, partners and internal teams.
This role will be essential to lead security programs and build cross-functional relationships to achieve security objectives, create awareness, influence “security first” culture at ChargePoint. You'll partner with senior/executive leadership, development teams, legal/compliance bodies to strategize secure solutions by understanding the technical aspects of the business problems and applying sound security engineering knowledge and experience.
What You Will Bring to ChargePoint
- Enhance roadmap / architecture for security initiatives to make ChargePoint more secure, from a mobile, station, and cloud perspective
- Be the trusted person for all things security at different levels of ChargePoint leadership.
- Define the security architecture for ChargePoint cloud & mobile application.
- Plan and carry out specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
- Conduct regular audits of our software and plan penetration testing across the software stack.
- Work with DevOps to improve ChargePoint Software Development and Release processes to minimize security vulnerabilities.
- Spread general awareness and implement best practices to make ChargePoint software more secure
- 10+ years experience in information technology field in operations and information security.
- Fundamental understanding of enterprise security tools, firewalls, VPNs, authentication & authorization systems, cryptography, enterprise key management, etc.
- Strong experience with Linux/Unix operating systems, applications, and networking infrastructure and protocols.
- Strong scripting or programming skills for automating repetitive tasks.
Nice to Have
- 7+ years of hands on experience in development and operations.
- Experience with object oriented languages such as Python (required), C, Java, or Go.
- Proficient with Production site standard methodologies in security, reliability, and scaling.
- Deployment experience with containers, virtualization
- Proficiency in using source code control systems, continuous build integration, test case management and reporting tools
- BS Computer Science (or equivalent) degree is required
- CISSP, CISA, CISM, GCIA, CCM, and/or QSA technical certification is strongly preferred
- 8-10 years’ experience with Information Security, Identity and Access Management, Security and Identity Governance, PCI compliance and Multi-Factor processes and technologies, including experience with:
- Single Sign-on (SSO, 2-factor authentication, OpenID Connect)
- Federated Identity Management ( OAuth 2.0, OpenID Connect, SAML)
- PCI DSS standards
- Role-based access control (RBAC)
- Assessment and minimally complying with FISMA and SSAE 16 SOC
- Integration of SSO tools (Okta) with AD and LDAP
- Working knowledge of Directory Services Architecture, LDAP Application integration and Implementation, custom LDAP schemas
- Experience in supporting Application, Database, Network and Yearly Pen Test for various support environments
- Must have expert knowledge of the PCI-DSS and working knowledge of government privacy, and Sarbanes-Oxley requirements
- Working knowledge of EU Data Privacy laws, specifically impact of GDPR rollout
- Experience in designing LDAP schemas and organizational units in Microsoft Active Directory (AD) and leverage of Group Policy Objects (GPOs) to manage user security
- Experience in selecting and managing security of VPN
- Experience with remote access and multi-factor security technologies, such as SSL VPNs and RSA SecurID systems
- Experience with implementing an MDM solution
- Experience in implementing and complying with CIS top 20 standards
- Experience and knowledge of PCI standards and compliance framework
- Scripting or programming experience
- Strong Business and Technical Skills
- Attention to detail, ability to organize work and follow-up skills are critical to the successful performance of position responsibilities
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
- Ability to prioritize and meet deadlines is critical
- Strong troubleshooting skills
- Self-reliant, resourceful but able to know when to ask for help
- Understanding of Security frameworks, such as ISO/IEC 27001
We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.
If there is a match between your experiences/skills and the Company needs, we will contact you directly.
ChargePoint is an equal opportunity employer.
Applicants only - Recruiting agencies do not contact. #LI-CL1
Your application has been successfully submitted.